|
| 1 | +import { ClickHouseService } from "./clickhouse.ts"; |
| 2 | +import { ClickHouseConfig } from "./types.ts"; |
| 3 | + |
| 4 | +/** |
| 5 | + * AuthMigrationService handles database schema migrations for user authentication |
| 6 | + * Creates and manages users, api_keys tables and updates existing events table |
| 7 | + */ |
| 8 | +export class AuthMigrationService { |
| 9 | + private clickhouse: ClickHouseService; |
| 10 | + private config: ClickHouseConfig; |
| 11 | + |
| 12 | + constructor(clickhouse: ClickHouseService) { |
| 13 | + this.clickhouse = clickhouse; |
| 14 | + this.config = clickhouse.config; |
| 15 | + } |
| 16 | + |
| 17 | + /** |
| 18 | + * Run all authentication-related migrations |
| 19 | + */ |
| 20 | + async runAuthMigrations(): Promise<void> { |
| 21 | + console.log("Starting authentication database migrations..."); |
| 22 | + |
| 23 | + try { |
| 24 | + await this.createUsersTable(); |
| 25 | + await this.createApiKeysTable(); |
| 26 | + await this.updateEventsTableWithUserId(); |
| 27 | + |
| 28 | + console.log("Authentication migrations completed successfully"); |
| 29 | + } catch (error) { |
| 30 | + const errorMessage = error instanceof Error |
| 31 | + ? error.message |
| 32 | + : String(error); |
| 33 | + throw new Error(`Authentication migration failed: ${errorMessage}`); |
| 34 | + } |
| 35 | + } |
| 36 | + |
| 37 | + /** |
| 38 | + * Create the users table for storing user accounts |
| 39 | + */ |
| 40 | + async createUsersTable(): Promise<void> { |
| 41 | + const systemDatabase = this.config.systemDatabase || this.config.database || |
| 42 | + "default"; |
| 43 | + |
| 44 | + const createUsersTableQuery = ` |
| 45 | + CREATE TABLE IF NOT EXISTS ${systemDatabase}.users ( |
| 46 | + id String DEFAULT generateUUIDv4(), |
| 47 | + email String, |
| 48 | + password_hash String, |
| 49 | + created_at DateTime DEFAULT now(), |
| 50 | + updated_at DateTime DEFAULT now() |
| 51 | + ) |
| 52 | + ENGINE = MergeTree() |
| 53 | + ORDER BY id |
| 54 | + SETTINGS index_granularity = 8192 |
| 55 | + `; |
| 56 | + |
| 57 | + try { |
| 58 | + await this.clickhouse.queryDatabase( |
| 59 | + systemDatabase, |
| 60 | + createUsersTableQuery, |
| 61 | + ); |
| 62 | + console.log( |
| 63 | + `Users table created successfully in database '${systemDatabase}'`, |
| 64 | + ); |
| 65 | + |
| 66 | + // Create unique index on email for fast lookups and uniqueness enforcement |
| 67 | + const createEmailIndexQuery = ` |
| 68 | + CREATE INDEX IF NOT EXISTS idx_users_email ON ${systemDatabase}.users (email) TYPE bloom_filter GRANULARITY 1 |
| 69 | + `; |
| 70 | + |
| 71 | + try { |
| 72 | + await this.clickhouse.queryDatabase( |
| 73 | + systemDatabase, |
| 74 | + createEmailIndexQuery, |
| 75 | + ); |
| 76 | + console.log("Email index created for users table"); |
| 77 | + } catch (indexError) { |
| 78 | + // Index creation might fail in some ClickHouse versions, but table creation succeeded |
| 79 | + console.warn( |
| 80 | + "Could not create email index (this is not critical):", |
| 81 | + indexError, |
| 82 | + ); |
| 83 | + } |
| 84 | + } catch (error) { |
| 85 | + const errorMessage = error instanceof Error |
| 86 | + ? error.message |
| 87 | + : String(error); |
| 88 | + throw new Error(`Failed to create users table: ${errorMessage}`); |
| 89 | + } |
| 90 | + } |
| 91 | + |
| 92 | + /** |
| 93 | + * Create the api_keys table for storing user API keys |
| 94 | + */ |
| 95 | + async createApiKeysTable(): Promise<void> { |
| 96 | + const systemDatabase = this.config.systemDatabase || this.config.database || |
| 97 | + "default"; |
| 98 | + |
| 99 | + const createApiKeysTableQuery = ` |
| 100 | + CREATE TABLE IF NOT EXISTS ${systemDatabase}.api_keys ( |
| 101 | + id String DEFAULT generateUUIDv4(), |
| 102 | + user_id String, |
| 103 | + key_hash String, |
| 104 | + name String DEFAULT '', |
| 105 | + created_at DateTime DEFAULT now(), |
| 106 | + last_used_at Nullable(DateTime) |
| 107 | + ) |
| 108 | + ENGINE = MergeTree() |
| 109 | + ORDER BY (user_id, id) |
| 110 | + SETTINGS index_granularity = 8192 |
| 111 | + `; |
| 112 | + |
| 113 | + try { |
| 114 | + await this.clickhouse.queryDatabase( |
| 115 | + systemDatabase, |
| 116 | + createApiKeysTableQuery, |
| 117 | + ); |
| 118 | + console.log( |
| 119 | + `API keys table created successfully in database '${systemDatabase}'`, |
| 120 | + ); |
| 121 | + |
| 122 | + // Create index on key_hash for fast API key validation |
| 123 | + const createKeyHashIndexQuery = ` |
| 124 | + CREATE INDEX IF NOT EXISTS idx_api_keys_hash ON ${systemDatabase}.api_keys (key_hash) TYPE bloom_filter GRANULARITY 1 |
| 125 | + `; |
| 126 | + |
| 127 | + try { |
| 128 | + await this.clickhouse.queryDatabase( |
| 129 | + systemDatabase, |
| 130 | + createKeyHashIndexQuery, |
| 131 | + ); |
| 132 | + console.log("Key hash index created for api_keys table"); |
| 133 | + } catch (indexError) { |
| 134 | + // Index creation might fail in some ClickHouse versions, but table creation succeeded |
| 135 | + console.warn( |
| 136 | + "Could not create key hash index (this is not critical):", |
| 137 | + indexError, |
| 138 | + ); |
| 139 | + } |
| 140 | + } catch (error) { |
| 141 | + const errorMessage = error instanceof Error |
| 142 | + ? error.message |
| 143 | + : String(error); |
| 144 | + throw new Error(`Failed to create api_keys table: ${errorMessage}`); |
| 145 | + } |
| 146 | + } |
| 147 | + |
| 148 | + /** |
| 149 | + * Update existing events table to include user_id column |
| 150 | + */ |
| 151 | + async updateEventsTableWithUserId(): Promise<void> { |
| 152 | + const systemDatabase = this.config.systemDatabase || this.config.database || |
| 153 | + "default"; |
| 154 | + const tableName = (this.config as any).tableName || "events"; |
| 155 | + |
| 156 | + try { |
| 157 | + // Check if user_id column already exists |
| 158 | + const checkColumnQuery = ` |
| 159 | + SELECT name |
| 160 | + FROM system.columns |
| 161 | + WHERE database = '${systemDatabase}' |
| 162 | + AND table = '${tableName}' |
| 163 | + AND name = 'user_id' |
| 164 | + `; |
| 165 | + |
| 166 | + const existingColumns = await this.clickhouse.queryDatabaseJSON( |
| 167 | + "system", |
| 168 | + checkColumnQuery, |
| 169 | + ); |
| 170 | + |
| 171 | + if (existingColumns.length > 0) { |
| 172 | + console.log(`Column 'user_id' already exists in table '${tableName}'`); |
| 173 | + return; |
| 174 | + } |
| 175 | + |
| 176 | + // Add user_id column to existing events table |
| 177 | + const addColumnQuery = ` |
| 178 | + ALTER TABLE ${systemDatabase}.${tableName} |
| 179 | + ADD COLUMN IF NOT EXISTS user_id Nullable(String) |
| 180 | + `; |
| 181 | + |
| 182 | + await this.clickhouse.queryDatabase(systemDatabase, addColumnQuery); |
| 183 | + console.log(`Added 'user_id' column to events table '${tableName}'`); |
| 184 | + |
| 185 | + // Create index on user_id for efficient user-specific queries |
| 186 | + const createUserIdIndexQuery = ` |
| 187 | + CREATE INDEX IF NOT EXISTS idx_events_user_id ON ${systemDatabase}.${tableName} (user_id) TYPE bloom_filter GRANULARITY 1 |
| 188 | + `; |
| 189 | + |
| 190 | + try { |
| 191 | + await this.clickhouse.queryDatabase( |
| 192 | + systemDatabase, |
| 193 | + createUserIdIndexQuery, |
| 194 | + ); |
| 195 | + console.log("User ID index created for events table"); |
| 196 | + } catch (indexError) { |
| 197 | + // Index creation might fail in some ClickHouse versions, but column addition succeeded |
| 198 | + console.warn( |
| 199 | + "Could not create user_id index (this is not critical):", |
| 200 | + indexError, |
| 201 | + ); |
| 202 | + } |
| 203 | + } catch (error) { |
| 204 | + const errorMessage = error instanceof Error |
| 205 | + ? error.message |
| 206 | + : String(error); |
| 207 | + throw new Error( |
| 208 | + `Failed to update events table with user_id column: ${errorMessage}`, |
| 209 | + ); |
| 210 | + } |
| 211 | + } |
| 212 | + |
| 213 | + /** |
| 214 | + * Verify that all authentication tables exist and have correct schema |
| 215 | + */ |
| 216 | + async verifyAuthSchema(): Promise<{ |
| 217 | + usersTableExists: boolean; |
| 218 | + apiKeysTableExists: boolean; |
| 219 | + eventsHasUserId: boolean; |
| 220 | + errors: string[]; |
| 221 | + }> { |
| 222 | + const systemDatabase = this.config.systemDatabase || this.config.database || |
| 223 | + "default"; |
| 224 | + const tableName = (this.config as any).tableName || "events"; |
| 225 | + const errors: string[] = []; |
| 226 | + |
| 227 | + let usersTableExists = false; |
| 228 | + let apiKeysTableExists = false; |
| 229 | + let eventsHasUserId = false; |
| 230 | + |
| 231 | + try { |
| 232 | + // Check users table |
| 233 | + const usersTableQuery = ` |
| 234 | + SELECT 1 FROM system.tables |
| 235 | + WHERE database = '${systemDatabase}' AND name = 'users' |
| 236 | + LIMIT 1 |
| 237 | + `; |
| 238 | + const usersResult = await this.clickhouse.queryDatabaseJSON( |
| 239 | + "system", |
| 240 | + usersTableQuery, |
| 241 | + ); |
| 242 | + usersTableExists = usersResult.length > 0; |
| 243 | + |
| 244 | + if (!usersTableExists) { |
| 245 | + errors.push("Users table does not exist"); |
| 246 | + } |
| 247 | + |
| 248 | + // Check api_keys table |
| 249 | + const apiKeysTableQuery = ` |
| 250 | + SELECT 1 FROM system.tables |
| 251 | + WHERE database = '${systemDatabase}' AND name = 'api_keys' |
| 252 | + LIMIT 1 |
| 253 | + `; |
| 254 | + const apiKeysResult = await this.clickhouse.queryDatabaseJSON( |
| 255 | + "system", |
| 256 | + apiKeysTableQuery, |
| 257 | + ); |
| 258 | + apiKeysTableExists = apiKeysResult.length > 0; |
| 259 | + |
| 260 | + if (!apiKeysTableExists) { |
| 261 | + errors.push("API keys table does not exist"); |
| 262 | + } |
| 263 | + |
| 264 | + // Check events table has user_id column |
| 265 | + const eventsColumnQuery = ` |
| 266 | + SELECT name |
| 267 | + FROM system.columns |
| 268 | + WHERE database = '${systemDatabase}' |
| 269 | + AND table = '${tableName}' |
| 270 | + AND name = 'user_id' |
| 271 | + `; |
| 272 | + const eventsColumnResult = await this.clickhouse.queryDatabaseJSON( |
| 273 | + "system", |
| 274 | + eventsColumnQuery, |
| 275 | + ); |
| 276 | + eventsHasUserId = eventsColumnResult.length > 0; |
| 277 | + |
| 278 | + if (!eventsHasUserId) { |
| 279 | + errors.push(`Events table '${tableName}' does not have user_id column`); |
| 280 | + } |
| 281 | + } catch (error) { |
| 282 | + const errorMessage = error instanceof Error |
| 283 | + ? error.message |
| 284 | + : String(error); |
| 285 | + errors.push(`Schema verification failed: ${errorMessage}`); |
| 286 | + } |
| 287 | + |
| 288 | + return { |
| 289 | + usersTableExists, |
| 290 | + apiKeysTableExists, |
| 291 | + eventsHasUserId, |
| 292 | + errors, |
| 293 | + }; |
| 294 | + } |
| 295 | + |
| 296 | + /** |
| 297 | + * Drop all authentication tables (use with caution - for testing/rollback only) |
| 298 | + */ |
| 299 | + async dropAuthTables(): Promise<void> { |
| 300 | + const systemDatabase = this.config.systemDatabase || this.config.database || |
| 301 | + "default"; |
| 302 | + |
| 303 | + console.warn( |
| 304 | + "Dropping authentication tables - this will delete all user data!", |
| 305 | + ); |
| 306 | + |
| 307 | + try { |
| 308 | + // Drop api_keys table first (has foreign key reference to users) |
| 309 | + await this.clickhouse.queryDatabase( |
| 310 | + systemDatabase, |
| 311 | + `DROP TABLE IF EXISTS ${systemDatabase}.api_keys`, |
| 312 | + ); |
| 313 | + console.log("Dropped api_keys table"); |
| 314 | + |
| 315 | + // Drop users table |
| 316 | + await this.clickhouse.queryDatabase( |
| 317 | + systemDatabase, |
| 318 | + `DROP TABLE IF EXISTS ${systemDatabase}.users`, |
| 319 | + ); |
| 320 | + console.log("Dropped users table"); |
| 321 | + |
| 322 | + // Note: We don't drop the user_id column from events table as it might contain data |
| 323 | + console.log("Authentication tables dropped successfully"); |
| 324 | + console.warn( |
| 325 | + "Note: user_id column in events table was not removed to preserve data", |
| 326 | + ); |
| 327 | + } catch (error) { |
| 328 | + const errorMessage = error instanceof Error |
| 329 | + ? error.message |
| 330 | + : String(error); |
| 331 | + throw new Error(`Failed to drop authentication tables: ${errorMessage}`); |
| 332 | + } |
| 333 | + } |
| 334 | +} |
0 commit comments